Free Simple CMS versions 1.0 and below suffer from a remote file inclusion vulnerability.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/94001/oCERT-2010-003.txt
Source: https://packetstormsecurity.com/files/94001/Open-Source-CERT-Security-Advisory-2010.3.html